From 81a49989c0acbe7ddf61398532d87be1a1aa3ee1 Mon Sep 17 00:00:00 2001 From: Patrick Lockley Date: Fri, 20 Apr 2012 16:41:33 +0000 Subject: [PATCH] git-svn-id: https://xerteonlinetoolkits.googlecode.com/svn/trunk@299 912cdd6b-5c7d-d5a7-a2ba-d0f0cdb91641 --- modules/xerte/edit.php | 16 +- preview.php | 25 +- switch.txt | 476 ++++++++++++++---- .../php/versioncontrol/template_close.php | 2 +- .../php/versioncontrol/update_file.php | 50 +- website_code/scripts/template_management.js | 44 +- 6 files changed, 460 insertions(+), 153 deletions(-) diff --git a/modules/xerte/edit.php b/modules/xerte/edit.php index 35ad977922..f42d52df38 100644 --- a/modules/xerte/edit.php +++ b/modules/xerte/edit.php @@ -95,21 +95,11 @@ function hideunload(){ function bunload(){ - path = ""; - if($version_control){ + template = ""; - echo $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/"; - - }else{ - - echo $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/"; - - } - -?>"; - -window_reference.edit_window_close(path); +window_reference.edit_window_close(path,template); } diff --git a/preview.php b/preview.php index 69fa7ff399..8196c55c20 100644 --- a/preview.php +++ b/preview.php @@ -21,6 +21,7 @@ * Check the ID is numeric */ if(isset($_SESSION['toolkits_logon_id'])) { + if(is_numeric($_GET['template_id'])) { $safe_template_id = (int) $_GET['template_id']; 
@@ -34,11 +35,12 @@ $query_for_preview_content = str_replace("TEMPLATE_ID_TO_REPLACE", $safe_template_id, $query_for_preview_content_strip); - // get their username from the db which matches their login_id from the $_SESSION - $row_username = db_query_one("select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?", array($_SESSION['toolkits_logon_id'])); - - $row = db_query_one($query_for_preview_content); + $row = db_query_one($query_for_preview_content); + // get their username from the db which matches their login_id from the $_SESSION + $row_username = db_query_one("select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?", array($row['user_id'])); + + // is there a matching template? if(!empty($row)) { // if they're an admin or have rights to see the template, then show it. @@ -47,8 +49,17 @@ show_preview_code($row, $row_username); exit(0); } + } - } -} + + }else{ + + echo PREVIEW_RESOURCE_FAIL; + + } + +}else{ -echo PREVIEW_RESOURCE_FAIL; + echo PREVIEW_RESOURCE_FAIL; + +} diff --git a/switch.txt b/switch.txt index c41be8c806..88e56b6fe0 100644 --- a/switch.txt +++ b/switch.txt @@ -1,10 +1,9 @@ php_library_path . "login_library.php"; +include $xerte_toolkits_site->php_library_path . "login_library.php"; include $xerte_toolkits_site->php_library_path . "display_library.php"; +function show_page($extra,$xerte_toolkits_site){ + +?> + + + + <?PHP echo $xerte_toolkits_site->site_title; ?> + + + + + + + + + +
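Review bot: The username lookup now reads `$row['user_id']` before the `if(!empty($row))` check that follows it, so a request for a template id with no matching row still runs the logindetails query, with an empty key. Moving the `$row_username = db_query_one(...)` call inside the `if(!empty($row))` block limits the lookup to rows that exist. The name passed to `show_preview_code()` is now the template owner's rather than the session user's, so the existing comment ("matches their login_id from the $_SESSION") is out of date; something like `// username of the template's owner, not of the logged-in user` would be accurate. The enclosing `if` blocks open above this hunk.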
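Review bot: With `echo PREVIEW_RESOURCE_FAIL;` moved into the two new `else` branches, the paths where `$row` is empty or the admin/rights test fails appear to end with no output at all; the old trailing echo covered them. The request is still refused, but the caller gets a blank response and nothing distinguishes a denial from an error. Either add `else{ echo PREVIEW_RESOURCE_FAIL; }` to the `if(!empty($row))` and rights checks, or keep a single fall-through `echo PREVIEW_RESOURCE_FAIL;` after the outer block. Indentation is collapsed in this view, so the nesting should be confirmed against the file.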
+ + +
+
+
+

+ welcome_message; ?> +

+
+
+
+ +
+
+

+ +

+

+

+

+
+
+
+ news_text; ?> +
+ +
+
+
+
+
+
+

+ site_text; ?> +

+
+
+
+
+
+ + + + + + +root_file_path . $xerte_toolkits_site->website_code_path . "login_top")); - - $buffer .= $form_string; - - $buffer .= login_page_format_bottom(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_bottom")); - - echo $buffer; + show_page(NULL,$xerte_toolkits_site); } @@ -47,13 +155,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { if(($_POST["login"]=="")&&($_POST["password"]=="")){ - $buffer = login_page_format_top(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_top")); - - $buffer .= "

Please enter your username and password

"; - - $buffer .= login_page_format_bottom(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_bottom")); - - echo $buffer; + show_page("

" . INDEX_USERNAME_AND_PASSWORD_EMPTY . "

",$xerte_toolkits_site); /* * Username left empty @@ -61,13 +163,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { }else if($_POST["login"]==""){ - $buffer = login_page_format_top(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_top")); - - $buffer .= "

Please enter your username

"; - - $buffer .= login_page_format_bottom(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_bottom")); - - echo $buffer; + show_page("

" . INDEX_USERNAME_EMPTY . "

",$xerte_toolkits_site); /* * Password left empty @@ -75,13 +171,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { }else if($_POST["password"]==""){ - $buffer = login_page_format_top(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_top")); - - $buffer .= "

Please enter your password

"; - - $buffer .= login_page_format_bottom(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_bottom")); - - echo $buffer; + show_page("

" . INDEX_PASSWORD_EMPTY . "

",$xerte_toolkits_site); /* * Password and username provided, so try to authenticate 
@@ -93,102 +183,314 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { * See if the submitted values are valid logins */ - $authenticated = false; + if(($_POST["login"]!="")&&($_POST["password"]!="")){ - function set_user_details($firstname, $surname){ + /* + * See if the submitted values are valid logins + */ - $_SESSION['toolkits_firstname'] = $firstname; - $_SESSION['toolkits_surname'] = $surname; + $authenticated = false; - } + function set_user_details($firstname, $surname){ - switch($_POST["login"]){ + $_SESSION['toolkits_firstname'] = $firstname; + $_SESSION['toolkits_surname'] = $surname; - case "pat": if($_POST["password"]=="patpassword"){ $authenticated = true; set_user_details("Pat","Blair");}; break; - case "john": if($_POST["password"]=="johnpassword"){ $authenticated = true; set_user_details("John","Obama"); }; break; - case "bob": if($_POST["password"]=="bobpassword"){ $authenticated = true; set_user_details("Bob","Putin"); }; break; - case "sarah": if($_POST["password"]=="sarahpassword"){ $authenticated = true; set_user_details("Sarah","Sarkozy"); }; break; - default: $authenticated = false; break; + } - } + switch($_POST["login"]){ - if($authenticated){ - - include $xerte_toolkits_site->php_library_path . 
"user_library.php"; + case "pat": if($_POST["password"]=="patpassword"){ $authenticated = true; set_user_details("Pat","Blair");}; break; + case "john": if($_POST["password"]=="johnpassword"){ $authenticated = true; set_user_details("John","Obama"); }; break; + case "bob": if($_POST["password"]=="bobpassword"){ $authenticated = true; set_user_details("Bob","Putin"); }; break; + case "sarah": if($_POST["password"]=="sarahpassword"){ $authenticated = true; set_user_details("Sarah","Sarkozy"); }; break; + default: $authenticated = false; break; - $mysql_id=database_connect("index.php database connect success","index.php database connect fail"); + } + + if($authenticated){ - $_SESSION['toolkits_logon_username'] = $_POST["login"]; + include $xerte_toolkits_site->php_library_path . "user_library.php"; - /* - * Check to see if this is a users' first time on the site - */ + $mysql_id=database_connect("index.php database connect success","index.php database connect fail"); - if(check_if_first_time($_SESSION['toolkits_logon_username'])){ + $_SESSION['toolkits_logon_username'] = $_POST["login"]; - /* - * create the user a new id - */ + /* + * Check to see if this is a users' first time on the site + */ - $_SESSION['toolkits_logon_id'] = create_user_id($_SESSION['toolkits_logon_username'], $_SESSION['toolkits_firstname'], $_SESSION['toolkits_surname']); + if(check_if_first_time($_SESSION['toolkits_logon_username'])){ - /* - * create a virtual root folder for this user - */ + /* + * create the user a new id + */ - create_a_virtual_root_folder(); + $_SESSION['toolkits_logon_id'] = create_user_id($_SESSION['toolkits_logon_username'], $_SESSION['toolkits_firstname'], $_SESSION['toolkits_surname']); - }else{ + /* + * create a virtual root folder for this user + */ - /* - * User exists so update the user settings - */ + create_a_virtual_root_folder(); - $_SESSION['toolkits_logon_id'] = get_user_id(); + }else{ - update_user_logon_time(); + /* + * User exists so update the user 
settings + */ - } + $_SESSION['toolkits_logon_id'] = get_user_id(); + + update_user_logon_time(); + + } - recycle_bin(); + recycle_bin(); + + } /* * Output the main page, including the user's and blank templates */ +?> + - echo file_get_contents($xerte_toolkits_site->website_code_path . "management_headers"); + + + + <?PHP echo $xerte_toolkits_site->site_title; ?> + + + // JAVASCRIPT library for fixed variables\n // management of javascript is set up here\n // SITE SETTINGS\n"; + echo " + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+
+
+
+
+
+
+
+

+
+
+
+
+
+
+
+
+
+
+ +
+
+

+
+ +
+ + + +
+ +
+
+ +
+ +
+
+ + + +
+ +
+
+ + + +
+
+ + + +
+
site_url . "\";\n"; + list_users_projects("data_down"); - echo "var site_apache = \"" . $xerte_toolkits_site->apache . "\";\n"; +?>
+
+ + +
+
+ +
+
+
+ pod_one; ?> +
+ +
+ pod_two; ?> +
+
- echo logged_in_page_format_middle(file_get_contents($xerte_toolkits_site->website_code_path . "management_middle")); +
+ + +
+ + + + + +
website_code_path . "management_bottom"); +?> + +
+
+
+ +
+
+
+ +
+ + + + + admin_username)&&(stripslashes($_POST["password"])==$xerte_toolkits_site->admin_password)){ - $buffer = login_page_format_top(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_top")); + show_page("

" . INDEX_SITE_ADMIN . "

",$xerte_toolkits_site); - $buffer .= "

Sorry that password combination was not correct

"; + }else{ - $buffer .= login_page_format_bottom(file_get_contents($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->website_code_path . "login_bottom")); + /* + * login has failed + */ - echo $buffer; + show_page("

" . INDEX_LOGON_FAIL . "

",$xerte_toolkits_site); + + } } @@ -196,6 +498,6 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { } -?> +?> - + \ No newline at end of file diff --git a/website_code/php/versioncontrol/template_close.php b/website_code/php/versioncontrol/template_close.php index 065bfbf5aa..31ba1fd812 100644 --- a/website_code/php/versioncontrol/template_close.php +++ b/website_code/php/versioncontrol/template_close.php @@ -66,7 +66,7 @@ $preview_xml = file_get_contents($preview_file); $data_xml = file_get_contents($data_file); if($data_xml!=$preview_xml){ - echo TEMPLATE_CLOSE_QUESTION . "~*~" . $xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2]; + echo TEMPLATE_CLOSE_QUESTION . "~*~" . $xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2] . "~*~" . $temp_array[0]; } } } diff --git a/website_code/php/versioncontrol/update_file.php b/website_code/php/versioncontrol/update_file.php index 99aecd5479..d738d8d421 100644 --- a/website_code/php/versioncontrol/update_file.php +++ b/website_code/php/versioncontrol/update_file.php 
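Review bot: The new site-admin branch tests the submitted password with a loose comparison, `stripslashes($_POST["password"])==$xerte_toolkits_site->admin_password`; in PHP `==` can treat two different numeric-looking strings as equal, and the direct comparison suggests the admin password is held unhashed in the site settings. Use `===` here and on the `$_POST["login"]` test (or `hash_equals()` on PHP versions that provide it), and consider storing a hash rather than the password itself. The re-indented `case "pat"` … `case "sarah"` entries are hard-coded credentials compared the same way; a comment above the `switch` stating that they are placeholders which must be replaced before deployment would be worth adding.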
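Review bot: The changed `echo` in template_close.php appends the template id after a third `~*~`, but it still sends `$xerte_toolkits_site->users_file_area_full` to the browser, which discloses the server's file-area path to the client and invites the client to send it back. Now that `$temp_array[0]` is in the response the path is no longer needed by the caller; returning only `TEMPLATE_CLOSE_QUESTION . "~*~" . $temp_array[0]` would remove the disclosure once update_file.php resolves the folder from the id. The surrounding `if` blocks start outside this hunk.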
@@ -16,47 +16,51 @@ require('../template_status.php'); -if(is_numeric($_POST['template_id'])){ +if(isset($_POST['template_id'])){ - if(!empty($_POST['file_path'])){ + if(is_numeric($_POST['template_id'])){ - $temp_array = explode("-",str_replace($xerte_toolkits_site->users_file_area_full,"",stripcslashes($_POST['file_path']))); + if(!empty($_POST['file_path'])){ - }else{ + $temp_array = explode("-",str_replace($xerte_toolkits_site->users_file_area_full,"",stripcslashes($_POST['file_path']))); - $query_for_play_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query); + }else{ - $query_for_play_content = str_replace("TEMPLATE_ID_TO_REPLACE", mysql_real_escape_string($_POST['template_id']), $query_for_play_content_strip); + $query_for_play_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query); - $query_for_play_content_response = mysql_query($query_for_play_content); + $query_for_play_content = str_replace("TEMPLATE_ID_TO_REPLACE", mysql_real_escape_string($_POST['template_id']), $query_for_play_content_strip); - $row_play = mysql_fetch_array($query_for_play_content_response); + $query_for_play_content_response = mysql_query($query_for_play_content); - $temp_array = array(); + $row_play = mysql_fetch_array($query_for_play_content_response); - array_push($temp_array, mysql_real_escape_string($_POST['template_id'])); + $temp_array = array(); - array_push($temp_array, $row_play['username']); + array_push($temp_array, mysql_real_escape_string($_POST['template_id'])); - array_push($temp_array, $row_play['template_name']); + array_push($temp_array, $row_play['username']); - } - /* - * Code to sync files - */ + array_push($temp_array, $row_play['template_name']); + + } + /* + * Code to sync files + */ + + 
if(is_user_an_editor($temp_array[0],$_SESSION['toolkits_logon_id'])){ - if(is_user_an_editor($temp_array[0],$_SESSION['toolkits_logon_id'])){ + $preview_xml = file_get_contents($xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2] . "/preview.xml"); - $preview_xml = file_get_contents($xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2] . "/preview.xml"); + $data_handle = fopen($xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2] . "/data.xml","w"); - $data_handle = fopen($xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2] . "/data.xml","w"); + fwrite($data_handle,$preview_xml); - fwrite($data_handle,$preview_xml); + fclose($data_handle); - fclose($data_handle); + echo UPDATE_SUCCESS; + + } - echo UPDATE_SUCCESS; - } } diff --git a/website_code/scripts/template_management.js b/website_code/scripts/template_management.js index 5cbf62922a..f0ba9b469b 100644 --- a/website_code/scripts/template_management.js +++ b/website_code/scripts/template_management.js @@ -231,13 +231,13 @@ function edit_window(admin){ }else{ - alert(RECYCLE_EDIT); + alert("You cannot edit files in the recycle bin. Please remove the file from the recycle bin before editing."); } }else{ - alert(FOLDER_EDIT); + alert("You cannot edit a folder. To change a folder's properties please click 'Properties'"); } @@ -313,7 +313,7 @@ function file_version_sync(){ if (xmlHttp.readyState==4){ response = xmlHttp.responseText.trim(); if(response!=""){ - alert(FILE_SYNC_FAIL + " " + response); + alert(response); } } } @@ -329,7 +329,7 @@ function file_version_sync(){ function file_need_save(){ if (xmlHttp.readyState==4){ - + result = xmlHttp.responseText.split("~*~"); if(xmlHttp.responseText!=""){ 
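Review bot: The added `isset`/`is_numeric` checks validate `$_POST['template_id']`, but when `file_path` is present that id is never used: `$temp_array` is built from the client-supplied path, so both the `is_user_an_editor($temp_array[0], ...)` check and the `fopen(..., "w")` target come straight from request data. The id that was validated and the folder that gets written can therefore differ, and `$temp_array[1]` and `$temp_array[2]` reach the filesystem calls with no check on the characters they contain. Resolve the folder from the database in every case, starting from `$template_id = (int) $_POST['template_id'];` and the existing `play_edit_preview_query` lookup, and drop the `file_path` branch. The cast matters for the query as well, since `is_numeric` accepts forms such as `1e3` and the hunk does not show whether the substituted value is quoted. The results of `file_get_contents` and `fopen` should also be checked before `fwrite`.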
@@ -343,7 +343,7 @@ function file_need_save(){ xmlHttp.open("post",url,true); xmlHttp.onreadystatechange=file_version_sync; xmlHttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); - xmlHttp.send('file_path=' + result[1]); + xmlHttp.send('file_path=' + result[1] + "&template_id=" + result[2]); } @@ -423,7 +423,7 @@ function example_window(example_id){ } }else{ - alert(NO_EXAMPLE); + alert("Sorry an example does not exist for this template"); } } @@ -459,7 +459,7 @@ function preview_window(admin){ }else{ - alert(PROJECT_SELECT); + alert("Please select a project to preview."); } @@ -603,7 +603,7 @@ function properties_window(admin){ }else{ - alert(RECYCLE_PROPERTIES); + alert("You cannot set the properties on a file in the recycle bin, please remove this file before continuing"); } @@ -795,7 +795,7 @@ function delete_stateChanged(){ response = xmlHttp.responseText.trim(); if(response.indexOf("Sorry")==0){ - alert(ERROR_DELETE + ' "' + response + '"'); + alert('Error while trying to delete template "' + response + '"'); } @@ -844,23 +844,23 @@ function duplicate_template(){ }else{ - alert(RECYCLE_DUPLICATE); + alert("Please remove content from the recycle bin before duplicating it."); } }else{ - alert(DUPLICATE_PROMPT); + alert("Please select a project to duplicate"); } }else if(drag_manager.selected_items.length==0){ - alert(DUPLICATE_PROMPT); + alert("Please select a template you would like to duplicate"); }else{ - alert(DUPLICATE_LIMIT); + alert("Only 1 template can be duplicated at any time."); } @@ -880,7 +880,7 @@ function duplicate_stateChanged(){ response = xmlHttp.responseText.trim(); if(response!=""){ - alert(ERROR_DUPLICATE + ' : "' + response + '"'); + alert('Error while duplicating : "' + response + '"'); } @@ -920,7 +920,7 @@ function publish_this(){ }else{ - alert(PUBLISH_LIMIT); + alert("Only 1 template can be published at any time"); } 
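Review bot: In `file_need_save` the POST body is built by plain concatenation, `'file_path=' + result[1] + "&template_id=" + result[2]`, with neither value encoded, so a path or template name containing `&`, `+`, `%` or `=` changes the fields the server receives. Encode both values: `xmlHttp.send('file_path=' + encodeURIComponent(result[1]) + '&template_id=' + encodeURIComponent(result[2]));`. `result` is assigned without `var` in the preceding hunk, so it is an implicit global shared between handlers; `var result = xmlHttp.responseText.split("~*~");` would contain it. The function body starts outside this hunk.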
@@ -938,7 +938,7 @@ function publish_stateChanged(){ if (xmlHttp.readyState==4){ - alert(PUBLISH_SUCCESS); + alert("Your file has been published"); } @@ -984,14 +984,14 @@ function remove_this(){ } if(document.getElementById("folder_workspace").mainhighlight){ - alert(WORKSPACE_DELETE); + alert("You cannot delete the Workspace folder"); } }else{ if(drag_manager.selected_items.length!=1){ - var response = confirm(DELETE_MULTIPLE_PROMPT); + var response = confirm("Are you sure you with to delete these item?"); }else{ @@ -999,7 +999,7 @@ function remove_this(){ name_string = data_string.split(">"); - var response = confirm(name_string[1] + "\n\n" + DELETE_PROMPT); + var response = confirm(name_string[1] + "\n\nAre you sure you with to delete?"); } @@ -1013,7 +1013,7 @@ function remove_this(){ if(drag_manager.selected_items[x].parentNode.id=="folderchild_recyclebin"){ - var answer = confirm(DELETE_PERMENANT_PROMPT + " - " + drag_manager.selected_items[x].innerHTML.substr(drag_manager.selected_items[x].innerHTML.indexOf(">")+1,drag_manager.selected_items[x].innerHTML.length)); + var answer = confirm("Are you sure you want to permenantly delete file - " + drag_manager.selected_items[x].innerHTML.substr(drag_manager.selected_items[x].innerHTML.indexOf(">")+1,drag_manager.selected_items[x].innerHTML.length)); if(answer){ @@ -1034,7 +1034,7 @@ function remove_this(){ if(folder_children!=0){ - alert(DELETE_FOLDER_NOT_EMPTY); + alert("Sorry you cannot delete a folder that has projects in it. Please empty the folder first"); }else{ @@ -1216,7 +1216,7 @@ function create_tutorial(tutorial){ if(is_ok_name(document.getElementById(tutorial).childNodes[1].filename.value)){ xmlHttp.send('tutorialid=' + tutorial + '&tutorialname=' + document.getElementById(tutorial).childNodes[1].filename.value); }else{ - alert(NAME_FAIL); + alert("Sorry that is not a valid name. Please use only letters and numbers."); } } }